diff --git a/deploy/kubernetes/setup-csi-snapshotter.yaml b/deploy/kubernetes/setup-csi-snapshotter.yaml new file mode 100644 index 00000000..f5285e6a --- /dev/null +++ b/deploy/kubernetes/setup-csi-snapshotter.yaml @@ -0,0 +1,144 @@ +# This YAML file contains all API objects that are necessary to run external +# CSI snapshotter. +# +# In production, this needs to be in separate files, e.g. service account and +# role and role binding needs to be created once, while stateful set may +# require some tuning. +# +# In addition, hostpath CSI driver is hardcoded as the CSI driver. +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-snapshotter + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: external-snapshotter-runner +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["endpoints"] + verbs: ["list", "watch", "create", "update", "delete", "get"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-snapshotter-role +subjects: + - kind: ServiceAccount + name: csi-snapshotter + namespace: default +roleRef: + kind: ClusterRole + name: external-snapshotter-runner + apiGroup: rbac.authorization.k8s.io + +--- +kind: Service +apiVersion: v1 +metadata: + name: csi-snapshotter + labels: + app: csi-snapshotter +spec: + selector: + app: csi-snapshotter + ports: + - name: dummy + port: 12345 + +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-snapshotter +spec: + serviceName: "csi-snapshotter" + replicas: 1 + selector: + matchLabels: + app: csi-snapshotter + template: + metadata: + labels: + app: csi-snapshotter + spec: + serviceAccount: csi-snapshotter + containers: + - name: csi-provisioner + image: xyang105/csi:csi-provisioner + args: + - "--provisioner=csi-hostpath" + - "--csi-address=$(ADDRESS)" + - "--connection-timeout=15s" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: csi-snapshotter + image: xyang105/csi:csi-snapshotter + args: + - "--csi-address=$(ADDRESS)" + - "--connection-timeout=15s" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: hostpath + image: xyang105/csi:csi-hostpath + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + imagePullPolicy: IfNotPresent + securityContext: + privileged: true + volumeMounts: + - name: socket-dir + mountPath: /csi + volumes: + - name: socket-dir + emptyDir: diff --git a/examples/kubernetes/pvc.yaml b/examples/kubernetes/pvc.yaml new file mode 100644 index 00000000..cb3c4560 --- /dev/null +++ b/examples/kubernetes/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: hpvc +spec: + storageClassName: csi-hostpath-sc + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi diff --git a/examples/kubernetes/restore.yaml b/examples/kubernetes/restore.yaml new file mode 100644 index 00000000..942d0cf8 --- /dev/null +++ b/examples/kubernetes/restore.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: hpvc-restore +spec: + storageClassName: csi-hostpath-sc + dataSource: + name: new-snapshot-demo + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi diff --git a/examples/kubernetes/snapshot.yaml b/examples/kubernetes/snapshot.yaml new file mode 100644 index 00000000..b7a913f9 --- /dev/null +++ b/examples/kubernetes/snapshot.yaml @@ -0,0 +1,9 @@ +apiVersion: snapshot.storage.k8s.io/v1alpha1 +kind: VolumeSnapshot +metadata: + name: new-snapshot-demo +spec: + snapshotClassName: csi-hostpath-snapclass + source: + name: hpvc + kind: PersistentVolumeClaim diff --git a/examples/kubernetes/snapshotclass.yaml b/examples/kubernetes/snapshotclass.yaml new file mode 100644 index 00000000..dfa34df5 --- /dev/null +++ b/examples/kubernetes/snapshotclass.yaml @@ -0,0 +1,5 @@ +apiVersion: snapshot.storage.k8s.io/v1alpha1 +kind: VolumeSnapshotClass +metadata: + name: csi-hostpath-snapclass +snapshotter: csi-hostpath diff --git a/examples/kubernetes/storageclass.yaml b/examples/kubernetes/storageclass.yaml new file mode 100644 index 00000000..c9279716 --- /dev/null +++ b/examples/kubernetes/storageclass.yaml @@ -0,0 +1,7 @@ +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: csi-hostpath-sc +provisioner: csi-hostpath +reclaimPolicy: Delete +volumeBindingMode: Immediate